Filtered by vendor Radare
Subscribe
Total
163 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9520 | 1 Radare | 1 Radare2 | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file. | |||||
| CVE-2017-7946 | 1 Radare | 1 Radare2 | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file. | |||||
| CVE-2017-15932 | 1 Radare | 1 Radare2 | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems. | |||||
| CVE-2017-6448 | 1 Radare | 1 Radare2 | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. | |||||
| CVE-2017-15931 | 1 Radare | 1 Radare2 | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems. | |||||
| CVE-2017-15385 | 1 Radare | 1 Radare2 | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of service (r_read_le16 invalid write and application crash) or possibly have unspecified other impact via a crafted ELF file. | |||||
| CVE-2017-9949 | 1 Radare | 1 Radare2 | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02. | |||||
| CVE-2017-6319 | 1 Radare | 1 Radare2 | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. | |||||
| CVE-2026-40499 | 1 Radare | 1 Radare2 | 2026-05-01 | N/A | 7.8 HIGH |
| radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted section names to inject r2 commands that are executed when the idp command processes the file. | |||||
| CVE-2026-40517 | 1 Radare | 1 Radare2 | 2026-04-27 | N/A | 7.8 HIGH |
| radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitized symbol name interpolation in the flag rename command, which are then executed when a user runs the idp command against the malicious PDB file, enabling arbitrary OS command execution through radare2's shell execution operator. | |||||
| CVE-2026-6941 | 1 Radare | 1 Radare2 | 2026-04-27 | N/A | 6.6 MEDIUM |
| radare2 prior to 6.1.4 contains a path traversal vulnerability in its project notes handling that allows attackers to read or write files outside the configured project directory by importing a malicious .zrp archive containing a symlinked notes.txt file. Attackers can craft a .zrp archive with a symlinked notes.txt that bypasses directory confinement checks, allowing note operations to follow the symlink and access arbitrary files outside the dir.projects root directory. | |||||
| CVE-2026-6940 | 1 Radare | 1 Radare2 | 2026-04-27 | N/A | 7.1 HIGH |
| radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by supplying absolute paths that escape the configured dir.projects root directory. Attackers can craft absolute paths to project marker files outside the project storage boundary to cause recursive deletion of attacker-chosen directories with permissions of the radare2 process, resulting in integrity and availability loss. | |||||
| CVE-2025-63744 | 1 Radare | 1 Radare2 | 2025-11-19 | N/A | 4.3 MEDIUM |
| A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_dyldcache.c. Processing a crafted file can cause a segmentation fault and crash the program. | |||||
| CVE-2025-63745 | 1 Radare | 1 Radare2 | 2025-11-19 | N/A | 5.5 MEDIUM |
| A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data. | |||||
| CVE-2025-60361 | 1 Radare | 1 Radare2 | 2025-10-23 | N/A | 3.3 LOW |
| radare2 v5.9.8 and before contains a memory leak in the function bochs_open. | |||||
| CVE-2025-60360 | 1 Radare | 1 Radare2 | 2025-10-23 | N/A | 5.5 MEDIUM |
| radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init. | |||||
| CVE-2025-60359 | 1 Radare | 1 Radare2 | 2025-10-23 | N/A | 5.5 MEDIUM |
| radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new. | |||||
| CVE-2025-60358 | 1 Radare | 1 Radare2 | 2025-10-23 | N/A | 5.5 MEDIUM |
| radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations. | |||||
| CVE-2024-11858 | 1 Radare | 1 Radare2 | 2025-08-05 | N/A | 8.6 HIGH |
| A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​ | |||||
| CVE-2024-29645 | 1 Radare | 1 Radare2 | 2025-07-01 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function. | |||||